ActiveDirSec.Org

The world's most trusted forum on Active Directory Security


Post Info TOPIC: Is RAID1 an acceptable configuration for a Domain Controller?
Zif


Newbie

Posts: 1
Date: Dec 17, 2010
Is RAID1 an acceptable configuration for a Domain Controller?
Permalink  
 


I'd like to know if RAID-1 is an acceptable configuration for a DC?

Thanks.



__________________


Newbie

Posts: 1
Date: Dec 17, 2010
Is RAID1 an acceptable configuration for a Domain Controller?
Permalink  
 


Depends.

On hardware type used (i.e. a blade which only has 2 drive bays) and on data center security. Is it a secured dark site? Only limited technicians have access rights? How is the SLA and hardware replacement dealing with restrictions?

Do you bitlocker on the DCs? (That is actually another good questions because bitlocker info is stroed in AD and Bitlocker security has been compromised already in part (?!).... the list can be endless.

If you are paranoid someone taking the disk can using the same hardware to attack it with a bunch of Fermi-powered GPUs, don't do it. and then better not use VM technology as well.

You need to weigh risk, cost and administratrative overhead into this...



__________________
Kind regards,
F. G. Hoffmann, MCITP EA


Newbie

Posts: 1
Date: Dec 20, 2010
Is RAID1 an acceptable configuration for a Domain Controller?
Permalink  
 


It will work if that's what you are asking.

Other than the security issues mentioned by fghoffmann, I do like the fact raid 1 provides some hardware falut redundancy.

Promoting a new DC when the old one failed is a pain especially when other DCs are over WAN. Depends on the load of the DC, I personally would not use VM or blade.

Blade is just too problemaic and VM is way too risky. If load is high, consider moving the dit file and log to different volume(s), ie. a different raid 1 volume.



__________________
Page 1 of 1  sorted by
Quick Reply

Please log in to post quick replies.

Post to Digg Post to Del.icio.us
Members Login
Username 
 
Password 
    Remember Me